As an illustration of how the LuciGate Firewall might be used in practice a hypothetical scenario is shown in the diagram below. This example is also described in the Appendix of the LuciGate User Guide.

It depicts an organisation that has a local network which includes a registered subnet 194.0.0.0 to 194.0.0.7 named LocalNet.

It has an access router (router 1), to the Internet and the LuciGate Firewall (LuciGate 1) has been placed in the usual position to protect the network. There is no significance in the way the IP addresses have been allocated in the example and there is no need for the LuciGate itself to have an IP address. One “specially” privileged remote host has been identified as lucidata for the purposes of this example.

Within the subnet the users have different requirements to access the Internet and therefore their access is tailored to their requirements, not so much to limit their capability, but to minimise their visibility in the global IP/Protocol/Port address space.

The users are pure Clients but the network also hosts its own Web Server called server1. Server1 also acts as a proxy mail server.

Diplomat jrN is a special piece of hardware performing some esoteric control and monitor function on local equipment and is monitored and configured from lucidata remotely.

We will use this same scenario to illustrate several common type of configuration. Before we start however we must make sure all the things we are going to talk about have been given mnemonic names in the appropriate mnemonic files. The five mnemonic files relevant to this tutorial are listed below for ease of reference.